Electronic device, method and storage medium

ABSTRACT

According to one embodiment, an electronic device includes one or more connectors configured to connect external devices, and circuitry. The circuitry is configured to detect that the external devices are connected to the one or more connectors, and to authenticate access of a user based on an order in which the external devices are connected to the one or more connectors.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims the benefit of U.S. Provisional Application No.62/134,978, filed Mar. 18, 2015, the entire contents of which areincorporated herein by reference.

FIELD

Embodiments described herein relate generally to an electronic device, amethod and a storage medium.

BACKGROUND

In recent years, battery-operated, portable electronic devices, forexample, notebook personal computers (PCs), have been widely used. Thiskind of electronic device has a function of setting a password as asecurity measure to prevent itself from being abused by a person otherthan a valid user.

If a password is set, the password needs to entered whenever anelectronic device is used even in an environment where the risk of abuseis extremely low, for example in a house or an office, whereby theconvenience of the electronic device is impaired. If a complex anddifficult password is set, the password may also be forgotten. However,if a password is not set for this kind of electronic device which excelsin portability and can be used in various environments in which a personis going out or is moving, etc., abuse will be permitted at a point intime when others (persons other than a valid user) are given a chance touse the device. In addition, also in the case where a simple password isset with priority given to convenience, it is highly likely that thepassword will be discovered by, for example, prying or guessing, and thedevice will be abused.

BRIEF DESCRIPTION OF THE DRAWINGS

A general architecture that implements the various features of theembodiments will now be described with reference to the drawings. Thedrawings and the associated descriptions are provided to illustrate theembodiments and not to limit the scope of the invention.

FIG. 1 is an exemplary illustration showing an example of an outside ofan electronic device of an embodiment.

FIG. 2 is an exemplary illustration showing an example of a systemconfiguration of the electronic device of the embodiment.

FIG. 3 is an exemplary illustration showing an example of a settingscreen of an alternative password displayed in the electronic device ofthe embodiment.

FIG. 4 is an exemplary illustration showing an example of setting thealternative password on the setting screen of FIG. 3.

FIG. 5 is an exemplary flowchart showing an operating procedure relatedto password registration of the electronic device of the embodiment.

FIG. 6 is an exemplary flowchart showing an operating procedure relatedto password authentication of the electronic device of the embodiment.

DETAILED DESCRIPTION

Various embodiments will be described hereinafter with reference to theaccompanying drawings.

In general, according to one embodiment, an electronic device includesone or more connectors configured to connect to external devices, andcircuitry. The circuitry is configured to detect that the externaldevices are connected to the one or more connectors, and to authenticateaccess of a user based on an order in which the external devices areconnected to the one or more connectors.

FIG. 1 is an exemplary illustration showing an example of an outside ofan electronic device of a present embodiment. As shown in FIG. 1, theelectronic device can be implemented as, for example, a notebook PC 1.

FIG. 1 is a front perspective view of the computer 1 with a display unitopen. The PC 1 comprises a main body 11 and a display unit 12. A display109 is incorporated in the display unit 12.

The display unit 12 is attached to the main body 11 to be rotatablebetween an open position at which a top surface of the main body 11 isexposed and a closed position at which the top surface of the main body11 is covered by the display unit 12. The main body 11 comprises ahousing in the shape of a thin box, and a keyboard 116 is disposed on atop surface thereof.

In addition, several connectors 110 for connecting external displays andseveral USB ports 111 for connecting universal serial bus (USB) devicesare provided on a side surface of the main body 11. The connectors 110conform to the High-definition Multimedia Interface(HDMI)/DisplayPort/RGB standard, etc., and the USB ports 111 conform tothe USB standard. Moreover, although not shown in FIG. 1, a connector114 for connecting an extension unit referred to as a docking station orthe like is provided on a back surface of the computer main body 11.

FIG. 2 is an exemplary illustration showing an example of a systemconfiguration of the PC 1. As shown in FIG. 2, the PC 1 comprises a CPU102, a memory controller 103, a display controller 104, a Serial ATAttachment (Serial ATA [SATA]) controller 105, and a USB controller 106.These can be implemented as a single IC (MPU 101). In addition, the PC 1comprises a main memory 107, a hard disk drive (HDD)/solid-state drive(SSD) 108, the above-described display 109, the above-describedconnectors 110, the above-described USB ports 111, a BIOS-ROM 112, anonvolatile memory 113, the above-described connector 114, a keyboardcontroller (KBC)/embedded controller (EC) 115, and the above-describedkeyboard 116. Moreover, although not shown in FIG. 2, the PC 1 isequipped with various Peripheral Component Interconnect (PCI) devices,Low Pin Count (LPC) devices, etc.

The CPU 102 controls operation of various components of the PC 1. TheCPU 102 can cause the PC 1 to operate variously by loading variousprograms (application programs including an OS, a BIOS, and a utility,etc.) stored in the HDD/SSD 108 and the BIOS-ROM 112 to the main memory107 and executing the programs. The BIOS stored in the BIOS-ROM 112includes a password control module 200 which will be described later.

The memory controller 103 exerts access control over the main memory107. The display controller 104 controls the display 109, and alsocontrols external displays (an HDMI monitor 117, a DisplayPort monitor118, an RGB monitor 119, etc.) connected to the connectors 110. The SATAcontroller 105 controls a storage device (the HDD/SSD 108 herein)conforming to the SATA interface standard. The USB controller 106controls USB devices (a USB keyboard 120, a USB mouse 121, etc.)connected to the USB ports 111.

The nonvolatile memory 113 is a storage medium used to save varioussetting data items on the PC 1. The KBC/EC 115 controls key entry fromthe keyboard 116.

Next, a function of the password control module 200 (included in theBIOS) operating on the PC 1 having the above-described configurationwill be described. It should be noted that not only the BIOS but the OS,for example, may include the function of the password control module200.

The password control module 200 relates to security measures whichprevent the PC 1 from being abused by a person other than a valid user,and provides a mechanism of improving the convenience of a widespreadauthentication technique of identifying a user as a valid user bycausing the user to enter a preset password when using the PC 1.

As described above, the PC 1 comprises the connectors 110, the USB ports111, and the connector 114. Thus, the password control module 200 canauthenticate a user by the order in which external devices are connectedto the connectors 110, the USB ports 111, and the connector 114. Thatis, the user, for example, can use the PC 1 only by connecting externaldevices in predetermined order without inputting a complex and difficultpassword, while setting the complex and difficult password.

Therefore, the password control module 200 firstly has a function ofsetting the order in which external devices are connected as a password.For the sake of simplicity, the order in which external devices areconnected set as a password is herein referred to as an alternativepassword. The password control module 200 provides a user interface forthe user to set an alternative password. Needless to say, the passwordcontrol module 200 has a function of setting a (normal) password, andprovides a user interface for the user to set a password. Either apassword or an alternative password may be set, or both of them may beset. Both of them may not be set.

When setting an alternative password, the user activates an alternativepassword setting function of the password control module 200 in thestate where external devices to apply to the alternative password areconnected to the PC 1. More specifically, the user performs an operationfor causing a setting screen of an alternative password to be displayedon the PC 1. When the operation is performed, the password controlmodule 200 acquires identification data from external devices connectedto the PC 1, and displays a list of the external devices based on theacquired identification data. As identification data of externaldevices, for example, extended display identification data (EDID) of adisplay device and a descriptor of a USB device can be used. FIG. 3shows an example of the setting screen of an alternative passworddisplayed by the password control module 200.

It is herein assumed that the USB keyboard 120, the HDMI monitor 117,and a docking station 122 are connected to the USB port 111, theconnector 110, and the connector 114, respectively. In this case, “USEkeyboard”, “HDMI monitor” and “Docking station” are displayed in a liston the setting screen of an alternative password as shown in FIG. 3.

On the setting screen of an alternative password on which externaldevices are thus displayed in a list as options, the user selectsexternal devices to be applied to an alternative password whiledesignating the order in which they are connected. It is herein assumedthat the user intends that the PC 1 will be available if the USBkeyboard 120 is connected to the USB port 111 and the HDMI monitor 117is connected to the connector 110.

In this case, the user performs an operation of inputting “1” to theitem “USB keyboard” and inputting “2” to the item “HDMI monitor” asshown in FIG. 4, using, for example, the USB keyboard 120 (connected tothe USB port 111). When some input is performed on the setting screen ofan alternative password, the password control module 200 displays amessage inquiring whether to register a set alternative password, andsaves settings on the setting screen in, for example, the nonvolatilememory 113 if an operation for registration, for example, an operationof inputting “Y”, is performed. That is, the connection to the PC 1 inthe order of (1) the USB keyboard and (2) the HDMI monitor is set as analternative password. If a password is set, the password is also savedin, for example, the nonvolatile memory 113.

Let us next assume the case where the PC 1 for which such an alternativepassword is set is, for example, powered on. In addition, it is hereinassumed that a complex and difficult password is set.

When the PC 1 is powered on, a user authentication function of thepassword control module 200 is activated. The password control module200 examines whether or not a password (at least one of a password andan alternative password) is set, and if the password is set, displays ascreen (password entry screen) for causing the user to enter thepassword. If a valid password is entered on the password entry screen,the password control module 200 authenticates the user as a valid userand permits the user to use the PC 1.

In addition, if an external device is connected to PC 1 while thepassword entry screen is displayed, the password control module 200acquires identification data on the external device. Whenever anexternal device is connected to the PC 1, the password control module200 acquires identification data on the external device. Then, thepassword control module 200 examines whether or not the order in whichexternal devices are connected to the PC 1 matches the order set as analternative password based on the identification data, and if itmatches, authenticates the user as a valid user and permits the user touse the PC 1. That is, the password control module 200 secondly has afunction of authenticating the user by the order in which externaldevices are connected.

Accordingly, the user can use the PC 1 by connecting the USE keyboard120 to the USE port 111 and connecting the HDMI monitor 117 to theconnector 110 instead of inputting a complex and difficult password.

FIG. 5 is an exemplary flowchart showing an operating procedure relatedto password registration of the PC 1 (password control module 200).

If a request to set a password, that is, set an arbitrary characterstring as a password, is made (Yes in block Al), the PC 1 causes theuser to set an arbitrary character string (block A2). In addition, if arequest to set an alternative password, that is, set the order in whichexternal devices are connected as a password, is made (Yes in block A3),the PC 1 first examines whether or not external devices are connected(block A4). If there are connected external devices (Yes in block A5),the PC 1 acquires data on the external devices (block A6).

The PC 1 displays the names of the external devices based on theacquired data, and causes the user to select external devices the userwants to register as an alternative password with the order ofconnection (block A7). If the order in which the external devices areconnected is set (Yes in block A8), the PC 1 saves the order in whichthe external devices are connected in the nonvolatile memory 113 (blockA9).

In addition, FIG. 6 is an exemplary flowchart showing an operatingprocedure related to password authentication of the PC 1 (passwordcontrol module 200).

For example, when it is powered on, the PC 1 examines whether or not apassword is set (block B1), and if set (Yes in block B1), displays thepassword entry screen (block B2).

If a password is keyed in (Yes in block B3), the PC 1 examines whetheror not the password keyed in matches the set password (block B8). If thepassword matches (Yes in block B8), the PC 1 authenticates the user as avalid user and permits the user to log on. If the password does notmatch (No in block B8), the PC 1 is powered off.

On the other hand, if an external device is connected (No in block B3,Yes in block B4), the PC 1 displays “.” in a password entry area on thepassword entry screen, and waits for a predetermined time (N seconds) toelapse (block B6). If an external device is further connected before Nseconds elapses (No in block B6 and Yes in block B4), the PC 1 displaysfurther “.” in the password entry area on the password entry screen(block B5). If no external device is further connected and N secondselapsed (Yes in block B6), the PC 1 examines whether or not the order inwhich the external devices are connected matches a set order (block B7).If the order matches (Yes in block B7), the PC 1 authenticates the useras a valid user and permits the user to log on. If the password does notmatch (No in block B7), the PC 1 returns to displaying the passwordentry screen of block B2.

In this manner, according to the PC 1, the convenience of a widespreadauthentication technique of identifying a user as a valid user isimproved.

In the above description, an example of authenticating the user as avalid user if (1) the USB keyboard and (2) the HDMI monitor areconnected to the PC 1 in this order has been given. The technique ofauthenticating a user by the order in which external devices areconnected is not limited to this example, and is variously applicable.

For example, the user may also be authenticated as a valid user if aspecific USB keyboard and a specific HDMI monitor are connected.Moreover, the user may also be authenticated as a valid user if a USBkeyboard is connected to a specific USB port and an HDMI monitor isconnected to a specific connector, by determining to which port orconnector an external device is connected. Furthermore, the user mayalso be authenticated as a valid user if a specific USB keyboard isconnected to a specific USB port and a specific HDMI monitor isconnected to a specific connector. In addition, focusing on determiningto which port or connector an external device is connected, it may alsobe determined whether or not the user is a valid user only on the basisof the order of ports or connectors to which the external devices areconnected, whichever external devices are connected.

Various functions disclosed in the embodiments may be each implementedby circuitry. Examples of the circuitry include a programmed processorsuch as a central processing unit (CPU). The processor executes each ofthe disclosed functions by executing a program stored in a memory. Theprocessor may be a microprocessor including an electric circuit. Theexamples of the circuitry also include a digital signal processor (DSP),an application-specific integrated circuit (ASIC), a microcontroller, acontroller, and other electric circuit components.

Because various processes of the embodiments can be implemented by acomputer program, the same advantages as those of the embodiments can beeasily achieved by installing the computer program in a normal computerthrough a computer-readable storage medium storing the computer programand executing the computer program.

The various modules of the systems described herein can be implementedas software applications, hardware and/or software modules, orcomponents on one or more computers, such as servers. While the variousmodules are illustrated separately, they may share some or all of thesame underlying logic or code.

While certain embodiments have been described, these embodiments havebeen presented by way of example only, and are not intended to limit thescope of the inventions. Indeed, the novel embodiments described hereinmay be embodied in a variety of other forms; furthermore, variousomissions, substitutions and changes in the form of the embodimentsdescribed herein may be made without departing from the spirit of theinventions. The accompanying claims and their equivalents are intendedto cover such forms or modifications as would fall within the scope andspirit of the inventions.

What is claimed is:
 1. An electronic device comprising: one or moreconnectors configured to connect to external devices; and circuitryconfigured to: detect that the external devices are connected to the oneor more connectors; and authenticate access of a user based on an orderin which the external devices are connected to the one or moreconnectors.
 2. The electronic device of claim 1, wherein the circuitryis configured to acquire identification data items on the externaldevices connected to the one or more connectors, and to determinewhether or not an order indicated in the acquired identification dataitems matches a preset order.
 3. The electronic device of claim 1,wherein the circuitry is configured to determine kinds of the externaldevices connected to the one or more connectors, and to determinewhether or not an order of the determined kinds matches a preset order.4. The electronic device of claim 1, wherein the circuitry is configuredto acquire identification data items on the external devices connectedto the one or more connectors, to determine respective connections madebetween the one or more connectors and the external devices, and todetermine whether or not an order of combinations of acquiredidentification numbers and the determined connections matches a presetorder.
 5. The electronic device of claim 1, wherein the circuitry isconfigured to determine respective connections between the one or moreconnectors and the external devices, and determines whether or not anorder of the determined connections made matches a preset order.
 6. Amethod of an electronic device, the method comprising: detecting thatexternal devices are connected to one or more connectors; andauthenticating access of a user based on an order of connections made inwhich each of the external devices is connected to each of the one ormore connectors.
 7. The method of claim 6, wherein the authenticatingaccess of the user comprises acquiring identification data items on theexternal devices connected to the one or more connectors, anddetermining whether or not an order indicated in the acquiredidentification data items matches a preset order.
 8. The method of claim6, wherein the authenticating access of the user comprises determiningkinds of the external devices connected to the one or more connectors,and determining whether or not an order of the determined kinds matchesa preset order.
 9. The method of claim 6, wherein the authenticatingaccess of the user comprises acquiring identification data items on theexternal devices connected to the one or more connectors and determiningrespective connections between the one or more connectors and theexternal devices, and determining whether or not an order ofcombinations of acquired identification numbers and the determinedconnections matches a preset order.
 10. The method of claim 6, whereinthe authenticating access of the user comprises determining respectiveconnections between the one or more connectors and the external devices,and determining whether or not an order of the determined connectionsmatches a preset order.
 11. A non-transitory computer-readable storagemedium having stored thereon a computer program which is executable by acomputer, the computer program controlling the computer to executefunctions of: detecting that external devices are connected to one ormore connectors; and authenticating access of a user based on an orderin which the external devices are connected to the one or moreconnectors.
 12. The medium of claim 11, wherein the authenticatingaccess of the user comprises acquiring identification data items on theexternal devices connected to the one or more connectors, anddetermining whether or not an order indicated in the acquiredidentification data items matches a preset order.
 13. The medium ofclaim 11, wherein the authenticating access of the user comprisesdetermining kinds of the external devices connected to the one or moreconnectors, and determining whether or not an order of the determinedkinds matches a preset order.
 14. The medium of claim 11, wherein theauthenticating access of the user comprises acquiring identificationdata items on the external devices connected to the one or moreconnectors and determining respective connections made between the oneor more connectors and the external devices, and determining whether ornot an order of combinations of acquired identification numbers anddetermined connections matches a preset order.
 15. The medium of claim11, wherein the authenticating access of the user comprises determiningrespective connections made between the one or more connectors and theexternal devices, and determining whether or not an order of theconnections made matches a preset order.